{
  "openapi": "3.1.0",
  "info": {
    "title": "Roberto API Platform",
    "version": "1.0.0",
    "description": "Kong, Apache APISIX, Envoy, REST, GraphQL, JWT, RBAC, rate limiting, logging, and monitoring portfolio runtime."
  },
  "servers": [
    {
      "url": "https://YOUR-PROJECT.pages.dev"
    }
  ],
  "paths": {
    "/api/health": {
      "get": {
        "summary": "Runtime health",
        "responses": {
          "200": {
            "description": "Healthy runtime"
          }
        }
      }
    },
    "/api/platform/overview": {
      "get": {
        "summary": "Platform topology",
        "responses": {
          "200": {
            "description": "Overview"
          }
        }
      }
    },
    "/api/rest/services": {
      "get": {
        "summary": "Backend services",
        "responses": {
          "200": {
            "description": "Service list"
          }
        }
      }
    },
    "/graphql": {
      "post": {
        "summary": "GraphQL endpoint",
        "requestBody": {
          "required": true,
          "content": {
            "application/json": {
              "schema": {
                "type": "object",
                "properties": {
                  "query": {
                    "type": "string"
                  }
                }
              }
            }
          }
        },
        "responses": {
          "200": {
            "description": "GraphQL response"
          }
        }
      }
    },
    "/api/auth/login": {
      "post": {
        "summary": "Issue demo JWT",
        "responses": {
          "200": {
            "description": "Token issued"
          },
          "401": {
            "description": "Invalid credentials"
          }
        }
      }
    },
    "/api/auth/me": {
      "get": {
        "summary": "Current identity",
        "security": [
          {
            "bearerAuth": []
          }
        ],
        "responses": {
          "200": {
            "description": "Identity"
          },
          "401": {
            "description": "Unauthorized"
          }
        }
      }
    },
    "/api/authorization/check": {
      "post": {
        "summary": "RBAC decision",
        "responses": {
          "200": {
            "description": "Allowed"
          },
          "403": {
            "description": "Denied"
          }
        }
      }
    },
    "/api/metrics": {
      "get": {
        "summary": "Prometheus metrics",
        "responses": {
          "200": {
            "description": "Metrics"
          }
        }
      }
    }
  },
  "components": {
    "securitySchemes": {
      "bearerAuth": {
        "type": "http",
        "scheme": "bearer",
        "bearerFormat": "JWT"
      }
    }
  }
}